Switch Port Security Puzzler

forbesl
Level 1

We have a Cisco 2900 series switch with a port configured for "port security action shutdown" and "max-mac-count 1". It works like it's supposed to, but we ran across something strange that we can't explain:

One of the system administrators accidentally assigned a duplicate IP address to one of our host machines. Of course, the machine immediately shut off its network services and popped up an IP conflict message box; however, the switch port it was connected to (with port security configured) also shut down. When we configured the machine for the correct IP and cleared the MAC on the port, it started working as it should. I did a test and changed the IP address of the machine to one that was NOT a duplicate IP and it also worked fine. Upon changing it back to a duplicate IP, though, the switch port shut down again.

Why is this happening? I understand how port security works and I realize it's a moot point either way, since a machine will shut down its network services anyway with a duplicate IP (even if the switch port doesn't). BUT, I assumed (maybe incorrectly) that the switch port tabled only the secure MAC address. How is IP being thrown into this? Any answers would be appreciated.


3 Replies

Prashanth Krishnappa
Cisco Employee

There is a bug open for a similar issue on a CAT5k, which is closed:

http://www.cisco.com/cgi-bin/bugtool/onebug.pl?bugid=CSCea47047

The problem was found to be with Microsoft Windows (NT, win2000). It is sending a gratuitous ARP with the contender's IP address and MAC address.

Thanks much for the info! This must not be a widespread problem since I only got 1 reply to this posting. I noticed there's really no bug fix for this....

There is no fix from the Cisco side at least, since our switches are working as expected. If you wish to pursue this, I suggest that you contact Microsoft support and ask them why a gratuitous ARP with the contender's IP address and MAC address is sent out. If you do contact them, please share your findings.
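
An added example, not part of the thread and not Cisco code: a small Python model of a secure port with a MAC limit of 1, run over two constructed frames, that finds the frame which trips the port and reports whether it is a gratuitous ARP. It assumes the contender's MAC also appears as the Ethernet source address of that ARP, which the thread does not state; the MAC and IP values and the helper names are constructed for illustration.

```python
import struct

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_arp(frame):
    """Return ARP fields of an Ethernet II frame, or None if it is not IPv4 ARP."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    # htype, ptype, hlen, plen, oper, sender MAC, sender IP, target MAC, target IP
    hdr = struct.unpack("!HHBBH6s4s6s4s", frame[14:42])
    if hdr[:4] != (1, 0x0800, 6, 4):
        return None
    ip = lambda a: ".".join(map(str, a))
    return {"oper": hdr[4], "sha": mac(hdr[5]), "spa": ip(hdr[6]), "tpa": ip(hdr[8])}

def first_violation(frames, max_macs=1):
    """Model a secure port: learn Ethernet source MACs up to max_macs and
    describe the first frame whose source MAC exceeds the limit.
    A gratuitous ARP is one whose sender and target IP are equal."""
    learned = []
    for index, frame in enumerate(frames):
        src = mac(frame[6:12])
        if len(frame) < 14 or src in learned:
            continue  # runt frame, or a MAC the port already trusts
        if len(learned) < max_macs:
            learned.append(src)
            continue
        arp = parse_arp(frame)
        return {"index": index, "secure": learned, "offending_mac": src,
                "gratuitous_arp": bool(arp and arp["spa"] == arp["tpa"]),
                "arp": arp}
    return None

def build_arp(eth_src, sha, ip_addr, oper=1):
    """Build a broadcast ARP frame for the constructed sample below."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    ipb = bytes(map(int, ip_addr.split(".")))
    return (b"\xff" * 6 + raw(eth_src)
            + struct.pack("!HHHBBH", 0x0806, 1, 0x0800, 6, 4, oper)
            + raw(sha) + ipb + b"\x00" * 6 + ipb)

# Constructed sample values, not taken from the thread.
HOST_MAC, CONTENDER_MAC, DUP_IP = "00:11:22:33:44:55", "00:aa:bb:cc:dd:ee", "192.0.2.10"
CONSTRUCTED_FRAMES = [
    build_arp(HOST_MAC, HOST_MAC, DUP_IP),            # host announces the duplicate IP
    # Assumption: the contender's MAC is also the Ethernet source of this frame.
    build_arp(CONTENDER_MAC, CONTENDER_MAC, DUP_IP),  # ARP with contender's IP and MAC
]
print(first_violation(CONSTRUCTED_FRAMES))
```

Run against frames exported from a capture on the affected port, the same function shows which source MAC the switch would have counted as the second address.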
